Rocky Linux 9.0, the latest version of the open-source enterprise operating system designed to be fully bug-for-bug compatible with Red Hat Enterprise Linux (RHEL), is now available. The update includes new security and networking features, as well as a new open-source build system called Peridot.
Released on July 14, Rocky Linux 9.0 has all the infrastructure tools in the build chain allowing developers to choose Rocky Linux or extend or replicate the operating system, if a developer wants to do something independent of the community or any upstream support organization.
One of the main goals of developing the new cloud-native build system was to ensure that new Rocky builds could be released within a week of new RHEL builds, project representatives said.
Peridot’s source code can be found on GitHub and will soon be easily installable via the Helm charts. Rocky Linux downloads are available at rockylinux.org.
Hosted by the Rocky Enterprise Software Foundation (RESF), Rocky Linux was created by one of the original founders of CentOS, CIQ CEO Gregory Kurtzer, to achieve CentOS’ original goal of serving as a downstream version of RHEL. ready for production.
Developed by CIQ and entrusted to RESF, Peridot serves as the native cloud stack for building and managing Rocky Linux. The stack has been released as open source. Rocky Linux uses open source tools to deliver a “reproducible” operating system to ensure there is no repeat of CentOS end-of-life issues, according to the project.
Other highlights of Rocky Linux 9.0 include the following security enhancements and networking features, such as SELinux performance improvements, memory overhead, and load times.
Additionally, OpenSSL, now at version 3.0.1, features a new versioning scheme, an improved HTTP(S) client, and support for new protocols and formats while Rocky Linux supports automatic configuration of security compliance settings for PCI-DSS, HIPPA, DISA, and others through the Anaconda installer, saving time and effort.
OpenSSH, now at version 8.7p1, also offers the replacement of the SCP/RCP protocol with the SFTP protocol, providing more predictable filename handling.
Additionally, the use of SHA-1 message digests has been deprecated – as the cryptographic hash functions produced by SHA-1 are no longer considered secure – and the multipath TCP daemon, or mptcpd, can be used instead from iproute2 to configure multipath TCP. endpoints.
To complete the improvements, NetworkManager now uses keyfiles to store new connection profiles by default, but still supports ifcfg. and the network-scripts package has been removed – use NetworkManager to configure network connections.
Join the newsletter!
Error: Please verify your email address.